Microsoft has deployed urgent security updates for Windows and Office software, following reports that cybercriminals are exploiting grave zero-day flaws to penetrate devices worldwide.
The February 2026 Patch Tuesday rollout fixes 58 vulnerabilities, including six zero-days under active attack—three already public. These encompass high-severity privilege escalations, data leaks, and remote code execution risks, with CISA urging federal agencies to patch swiftly against ransomware and espionage threats.
Central to the danger is a Windows Shell flaw that lets malicious links bypass SmartScreen via a single click, unleashing malware across all supported versions.
“There is user interaction here, as the client needs to click a link or a shortcut file,” wrote security researcher Dustin Childs. “Still, a one-click bug to gain code execution is a rarity.”
Google’s Threat Intelligence Group flagged widespread abuse granting high-privilege malware for system takeovers or data theft. Another targets the MSHTML engine in modern Windows, enabling silent malware drops, while tainted Office files trigger via rigged documents—though previews remain safe.
Microsoft credited Google and others for discoveries, as public exploit details heighten risks. Experts press for immediate updates, eyeing nation-state or crime group involvement.